<?

class sign_password_action extends action_controller
{
	public function execute()
	{
		$data = explode(';', base64_decode($_GET['d']));
		if ( !$id = $data[0] ) response::redirect('/');

		$this->user = user_peer::get($id);

		$sign = $data[1];

		if ( $sign != md5($id . $this->user['email'] . $this->user['password'] . 'recovery') )
			response::redirect('/');
	}

	public function execute_post()
	{
		$this->json = array();

		if ( !$_POST['password'] )
			return $this->json = array('error' => 'Password is empty');

		if ( $_POST['password'] != $_POST['password_confirm'] )
			return $this->json = array('error' => 'Passwords do not match');

		user_peer::save($this->user['id'], array('password' => md5($_POST['password'])));
	}
}